Thursday, January 14, 2010

Court Upholds Forum Selection Clause in B2B Clickwrap

By Mehmet Munur

A District Court in Indiana recently held that NexTag’s clickwrap Terms of Service was enforceable against Appliance Zone despite arguments by Appliance Zone that no contract was formed and that if an agreement were formed it was procedurally unconscionable. Ironically, NexTag was helped by the fact that Appliance Zone was an ecommerce merchant that used a similar sign-up process and similar website terms of use in its own business.

Appliance Zone advertises and distributes appliance parts and accessories through its commercial website. NexTag operates a commercial comparison website and advertises the goods of third parties such as Appliance Zone. NexTag refers customers to the third parties’ website where they can purchase the good and charges a few dimes for every referral.

When Appliance Zone found out that NexTag used Appliance Zone’s trademark to promote the prices of goods of Appliance Zone’s competitors, Appliance Zone brought a trademark infringement suit under the Lanham Act against NexTag in Indiana. NexTag, being a Delaware corporation based out of California, argued improper venue due to the forum selection clause in its Terms of Service Agreement, which every business must agree with before listing their products on NexTag. Thus, the court had to decide whether the forum selection clause in NexTag’s Terms of Service Agreement was enforceable.

Appliance Zone raised three arguments to state that the forum selection clause not applicable: 1) there was no agreement between the parties; 2) if there was an agreement, it was unconscionable; and 3) the lawsuit did not arise out of the agreement and thus it was not governed by the forum selection clause.

First, Appliance Zone argued that the employee that signed up with NexTag did not have the authority to enter into the contract. The court held that the employee had apparent authority to enter into the contract. The employee clicked the radio box next to the statement “I accept the NexTag Terms of Service,” uploaded 20,000 product descriptions and 14,000 product images onto NexTag’s website, and Appliance Zone paid for NexTag’s services. Therefore, the conduct demonstrated acceptance of a valid contract.

Second, Appliance Zone argued that the Terms of Service Agreement was unconscionable because 1) it was inconspicuous, 2) parties had unequal bargaining power, and 3) Appliance Zone did not read it. The court rejected each of these arguments. The court held that the presentation of the Terms of Service Agreement was typical for the online retail industry, that it was clearly labeled, and that it was placed in a highly visible portion of the web page. Appliance Zone also had to check a box to manifest assent to the Agreement. The court also cited Appliance Zone’s similar sign-up process and similar language in its Terms of Use against Appliance Zone to state that NexTag’s Terms of Service Agreement was not procedurally or substantively unfair. The court also stated that Appliance Zone had failed to demonstrate the disparity in the bargaining power and that Appliance Zone would be presumed to have read the terms and agreed to them when it signed them as a matter of fundamental contract principle.

Finally, the court addressed Appliance Zone’s argument that the trademark issue did not arise out of the Terms of Service Agreement. The court held that the binding precedent required that the Agreement govern the dispute between the parties—Appliance Zone had cited to persuasive 2nd Circuit Precedent.

This case highlights how electronic Business-to-Business agreements are more difficult to overturn than electronic Business-to-Consumer agreements. Plaintiff’s arguments related to not having read the agreement, uneven bargaining positions, and unconscionability are mostly arguments raised in Business-to-Consumer settings. However, such arguments are unlikely to work in cases where the party arguing against the enforceability of the contracts employs a similar contract in a similar settings.

Tuesday, January 12, 2010

Article 29 Working Party Releases 12th Annual Report

By Mehmet Munur

The Article 29 Working Party, a group created under the EU Data Protection Directive and made up of the data protection regulators of each Member State to provide guidance on data protection and privacy issues, has released its 12th Annual Report. The Chairman, Alex Turk, states that the four main issues of the year were protection of children’s personal data, search engines and the large of amounts of data they gather, international transfer of personal data with emphasis on the use of Binding Corporate Rules, and air passenger name records. Overall, Enforcement by the DPAs appears to have increased compared to the previous year.

The report serves as a summary of all EU DPAs’ reports on the implementation of the EU Data Protection Directive, the E-Privacy Directive, major case law, and major specific issues. The following are some of the interesting tidbits from the Annual Report.

The Austrian DPA found that a whistle-blower hotline of a US multinational required that the Austrian subsidiary be considered a data controller. The Austrian DPA held that data transfers by the employees would be imputed to the employer because the employer’s Code of Conduct required its employees to report illegal or unethical activity.

The Danish DPA highlighted the case of a nightclub that wanted to create an electronic access control system that used fingerprints, photos, and black lists of unwanted customers who would be rejected at the door. The DPA allowed the database so long as customers gave explicit consent and data was deleted after consent was withdrawn.

The French DPA, CNIL, stated that it had been in session 50 times and adopted 586 resolutions during the year, an increase of 50% compared to previous year. CNIL also handled 4,244 complaints during the year. It conducted 218 inspections, “an increase of 33 % compared to the previous year.” The DPA imposed fines ranging between $30,000 to $100. CNIL also issued 126 warnings, an increase of 20% compared to the previous year.

The Dutch DPA greatly increased its enforcement activity compared to the previous years. It carried out 95 investigations, an increase of 50% compared to the previous year, and imposed sanctions or threatened to impose sanctions on 68 cases, compared to 39 in the previous year and 2 the year before.

The Spanish DPA, AEPD, was just as active as it was in the previous year. The DPA did not disclose how much money it collected in fines; however, it reported a sharp increase in reported offences. AEPD continued to focus on telecommunications, financial institutions, and video surveillance issues during its investigations. In fact, the financial sector and the telecommunications sector made up the top two spots for fines imposed during the year. The Spanish DPA has also been increasing its activities in the international arena. In addition, AEPD is taking larger leadership role in the Ibero-American Network for Data Protection. During the 31st International Data and Privacy Protection Conference, AEPD made a “Joint Proposal to Draft International Standards for Protection of Privacy and Personal Data” that was unanimously adopted. AEPD is now in charge of developing international standards for the protection of privacy with regard to processing of personal information.

Wednesday, January 06, 2010

The Article 29 Working Party started the new year with a volley of announcements. The Working Party document WP 165 states that Israel guarantees an adequate level of protection and WP 166 states that Andorra has adequate privacy protections. Additionally, the Working Party issued WP168 on “The Future of Privacy: Joint contribution to the Consultation of the European Commission on the legal framework for the fundamental right to protection of personal data.”

WP168 is a response to the Consultation by the European Commission asking for views on whether the EU’s current legal framework was satisfactory for the challenges posed by new technology and shifts in culture since the adoption of the EU Data Protection Directive in 1995. The Working Party, with the cooperation of the Working Party on Police and Justice, state that “the main principles of data protection are still valid despite the new technologies and globalisation.” However, the consultation also proposes that concepts of consent and transparency be clarified, additional principles such as privacy by design and accountability be adopted, bureaucratic burdens be simplified, and that fundamental rights be unified to apply to police and judicial cooperation in criminal matters. This document suggest the direction that European Data Protection is likely to take in the near future.

This web site provides general information about our firm for your convenience. This website and its content do not establish an attorney/client relationship between us. Information on the site is not legal advice.
Do not send confidential information to any of our lawyers without first obtaining our permission.